Information Security magazine's January issue takes a deep dive into the security issues you need to be proficient with today--like endpoint security and strong authentication-- and what you'll need to keep an eye on for tomorrow--RFID and securing virtual machines.

THIS MONTH ON SEARCHSECURITY.COM

Messaging (In)securitySenior news writer Bill Brenner examines the top messaging security challenges facing today's businesses. Based on the results of exclusive reader research, we'll focus on hot-button issues like evolving threats, remote email and instant messaging, and what it takes to keep it all secure.

Free for allWhy spend money to buy security tools when you can get great tools for free? In his monthly column, Scott Sidel spotlights some of the Web's best information security freeware programs. It's a great way to keep up with the hottest tools and keep your organization's costs down.

One click awayCan't get enough information security podcasts? Visit SearchSecurity.com/podcast, where we have all of our latest podcasts available as streaming audio. With just one click, you can listen to the latest news, exclusive interviews and in-depth technical tips on your desktop without pesky downloads.

Wide world of endpoint security Network perimeters have dissolved as your employees, contractors and partners access data from virtually anywhere. All of those endpoints introduce risk to your network. Expert David Strom hosts a webcast Jan. 17 at noon ET, that will explain what makes up a successful endpoint security strategy and how evolving vendor partnerships are affecting NAC product sets.
>>Register for thiswebcast.

FFIEC Crash Course Financial institutions that offer online banking are required by the Federal Financial Institutions Examination Council (FFIEC) to implement strong authentication to secure transactions. Now that the first FFIEC deadline has passed, keep this crash course on FFIEC and strong authentication handy as a resource guide.
>>ReviewTwo-factor authentication and the FFIEC: A crash course

RFID primer Is RFID in your company's future? Expert Joel Dubin explains some of the security issues that exist and would need to be resolved before RFID becomes a mainstream tracking technology for your supply chain. >>Review RFID tags: Do they have a secure future?

Snort and syslog Snort is probably the most popular network intrusion detection system in deployment, but admittedly, it doesn't do a good job with syslog traffic, expert Mike Chapple says. In this tip, he points you to some of the best alternatives for monitoring Snort log data. >>Read Can Snort read multi-platform syslogs?

Zero Hour This list lays out zero-day flaws in Windows that were discovered in 2006 and when they were patched:

Month

Flaw

Appeared

Patched

Patch

Payload

January

WMF

Dec. 28, 2005

Jan. 5

MS06-01

Spyware infections, spam relays

March

IE createTextRange

March 22

April 11

MS06-013

Remote code execution

May

Word malformed object pointer

May 10

June 13

MS06-027

Remote code execution

June

Excel document processing

June 16

July 11

MS06-037

Remote code execution

July

PowerPoint malformed shape container or record

July 12

Aug. 8

MS06-048

Remote code execution

September

IE Vector Markup Language buffer overflow

Sept. 18

Sept. 26

MS06-055

Botnet; remote code execution

PowerPoint

Sept. 27

Oct. 10

MS06-058

Remote code execution

Word

Sept. 2

Oct. 10

MS06-060

Remote code execution

November

Visual Studio Object Broker ActiveX control

Nov. 1

Dec. 12

MS06-073

Remote code execution

XML Core Services XMLHTTP 4.0 ActiveX control

Nov. 3

Nov. 15

MS06-071

Remote code execution

December

Word

Dec. 5

Unpatched

Remote code execution

Windows Media Player

Dec. 7

Dec. 12

MS06-078

DoS; remote code execution

Word

Dec. 10

Unpatched

Remote code execution

PING In this exclusive interview with Information Security magazine Nikk Gilbert, IT security and telecom director reviews the obstacles he encountered when placed at the helm of an enterprise that didn't have a dedicated security team and what enterprise security professionals can do secure their network.>>Read the interview with Nikk Gilbert

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy